In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm. Without a key, the algorithm would have no result. In encryption, a key specifies the particular transformation of plaintext into the encrypted text, or vice versa during decryption. Keys are also used in other cryptographic algorithms, such as digital signature schemes and message authentication codes.
It is often said that in designing security systems, it is wise to assume that the details of the cryptographic algorithm are already available to an attacker. This principle is known as Kerckhoffs' principle and thus only the secrecy of the key provides security. This principle is based on the fact that it is difficult to keep the details of a widely-used algorithm secret. A key is often easier to protect, since it often is a small piece of information compared to the encryption algorithm. However, it may also be difficult to keep a key secret and if the attacker obtains the key in some way he or she may recover the original message from the encrypted data.
Encryption algorithms which use the same key for both encryption and decryption are, as mentioned above, known as symmetric key algorithms. There are also asymmetric key algorithms which use a pair of keys, one to encrypt and one to decrypt. These asymmetric key algorithms allow one key to be made public while retaining the private key in only one location. They are designed so that finding out the private key is extremely difficult, even if the corresponding public key is known. A user of public key technology can publish their public key, while keeping their private key secret, allowing anyone to send them an encrypted message.
In order for a key to be “safe” in conjunction with symmetric encryption algorithms a length of 80 bits is generally considered the minimum and 128-bit keys are commonly used and considered very strong. The keys used in public key cryptography have some mathematical structure. For example, public keys used in the RSA system are the product of two prime numbers. Thus public key systems require longer key lengths than symmetric systems for an equivalent level of security. 3072 bits is the suggested key length for systems based on factoring and integer discrete logarithms which aim to have security equivalent to a 128 bit symmetric cipher.
As mentioned above it is possible to generate keys with a high degree of safety, if they arc long enough both for keys based on symmetric and asymmetric algorithms. However, there is a problem in key distribution. If, for example two parties want to communicate with each other using symmetric cryptography they first have to decide what key to use and then the safely distribute it from one party to the other. Furthermore, the key has to be kept secret by both parties. The risk that an intruder may find out the key increases with the time the key is in use. Therefore, a key is normally valid only during a limited time, for example six or twelve months. After that time a new key has to be distributed.
Also, the distribution of keys for asymmetric cryptography encryption encounters problems with key distribution when two parties want to communicate with each other. In order to send information in both directions they need to exchange public keys with each other. Also in this case the keys usually have a limited time period during which they are valid. For a party that communicates with many different parties the management of distribution of valid public keys may be annoying. A typical example is that the validity of a key has expired when you need to send some secret information urgently to another party or that you have not exchanged public keys yet.
Another type of cryptography is quantum cryptography, which uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random bit string known only to them, which can be used as a key to encrypt and decrypt messages. An important and unique property of quantum cryptography is the ability of the two communicating users to detect the presence of any third party trying to gain knowledge of the key. This is the result of a fundamental aspect of quantum mechanics, i.e. the process of measuring a quantum system will affect the system. Since a third party trying to eavesdrop on the key somehow has to measure it, there will be detectable anomalies. Thus, the security of quantum cryptography relies on the foundations of quantum mechanics, in contrast to traditional public key cryptography which relies on the computational difficulty of certain mathematical functions, and cannot provide any indication of eavesdropping or guarantee of key security.
Quantum cryptography is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt and decrypt a message, which can then be transmitted over a standard communication channel.
Even if key generation with quantum cryptography provides a very safe way to generate and distribute a key it also has a major drawback. The distance over which a quantum key may be distributed is limited to about 100 kilometer, due to the properties of quantum mechanics.
Given the above mentioned problems there is a need for a simple way to generate and distribute a cryptographic key.